Skip to main content

Pc Worx Express

7 CVEs product

Monthly

CVE-2023-46143 HIGH This Week

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware Axc 1050 Xc Firmware Axc 3050 Firmware +14
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-46141 CRITICAL Act Now

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware Axc 1050 Xc Firmware Axc 3050 Firmware +14
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-34597 HIGH This Week

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pc Worx Pc Worx Express
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-33542 HIGH This Week

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Microsoft Memory Corruption RCE Config Pc Worx +1
NVD
CVSS 3.1
7.0
EPSS
1.8%
CVE-2020-12498 HIGH This Week

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pc Worx Pc Worx Express
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-12497 HIGH This Week

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Pc Worx Pc Worx Express
NVD
CVSS 3.1
7.8
EPSS
14.7%
CVE-2019-16675 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Information Disclosure Config +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
EPSS 0% CVSS 7.5
HIGH This Week

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware +16
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pc Worx Pc Worx Express
NVD
EPSS 2% CVSS 7.0
HIGH This Week

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Microsoft Memory Corruption RCE +3
NVD
EPSS 2% CVSS 7.8
HIGH This Week

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 15% CVSS 7.8
HIGH This Week

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy